<?php
	// Login action: reads txtUserName / txtPassword from the POST body, tries the
	// staff table first and the customer table second, and on success stores the
	// identity in $_SESSION. Failures are reported by pushing a message onto
	// $ActionResults and routing back to the login screen via $SCREEN.
	//
	// $ActionResults, $SCREEN, $SCREEN_LOCATION, $SHOP_TYPE and the MODULE constant
	// are not defined in this file -- presumably supplied by the including script;
	// verify against the caller.
	//
	// NOTE(review): no attempt limiting or lockout is visible in this file --
	// confirm it is enforced elsewhere.

	// Counter of validation failures. It starts as null; PHP's ++ turns null into 1.
	$intFailed = null;
	// Whether a customer login is still within its validity period (set below).
	$boValid = false;
	$txtPassword = null;
	$txtUserName = null;
	
	// Both values are taken verbatim from the request; no validation or escaping
	// happens in this file.
	if(isset($_POST['txtPassword']))
		$txtPassword = $_POST['txtPassword'];
		
	// The user name (an e-mail address) is lower-cased before use.
	if(isset($_POST['txtUserName']))
		$txtUserName = strtolower($_POST['txtUserName']);
	
	// Truthiness test: an empty string and the literal "0" both count as "not supplied".
	if(!$txtPassword) {
		array_push($ActionResults, "No password supplied!");
		$intFailed++;
	}
	
	if(!$txtUserName) {
		array_push($ActionResults, "No Email address supplied!");
		$intFailed++;
	}
	
	// Any missing field: show the login screen again and stop processing this file.
	// return at file scope hands control back to the includer (assumes this file
	// is include()d -- TODO confirm).
	if($intFailed > 0){
		$SCREEN = "scrLogin";
		$SCREEN_LOCATION = MODULE;
		return(FALSE);
	}
	
	// Staff lookup.
	// NOTE(review): $txtUserName and $txtPassword come straight from $_POST and are
	// interpolated into the SQL text. No escaping or parameter binding is visible
	// here, so unless the included actMySqlResults (or a runtime setting) neutralises
	// them this login query is open to SQL injection. The durable fix is to bind both
	// values as parameters of a prepared statement in the code that executes $strSQL.
	// NOTE(review): the credential is checked with MySQL's PASSWORD() function. The
	// MySQL manual says it is meant for the server's own accounts and should not be
	// used by applications, and it was removed in MySQL 8.0. It also places the
	// clear-text password inside the query text, where query logs can capture it.
	// Prefer password_hash() / password_verify() in PHP against a stored hash.
	$strSQL = 	"SELECT ID
					, Email
					, Password
			 	FROM tblStaff 
				WHERE Email = '$txtUserName' AND Password = Password('$txtPassword')";

	// Presumably executes $strSQL and fills $myrow with the first result row --
	// the included file is not visible here; verify.
	include (MODULE . "/action/actMySqlResults");	

	// A staff row counts as matched when its Email equals the submitted user name.
	// NOTE(review): $txtUserName was lower-cased above, so if the stored Email holds
	// upper-case letters and the column collation is case-insensitive, the SQL can
	// match while this PHP comparison fails and the request falls through to the
	// customer lookup -- confirm.
	if ($myrow["Email"] == $txtUserName){ 
		// Staff session variables.
		// NOTE(review): no session ID regeneration is visible on this privilege
		// change; calling session_regenerate_id(true) before writing these values
		// closes the session-fixation window.
		// NOTE(review): session_register() was deprecated in PHP 5.3 and removed in
		// 5.4, and the PHP manual advises against combining it with $_SESSION. Its
		// argument here is a bare word, i.e. an undefined constant that old PHP
		// treats as the string of the same name.
		$_SESSION['sesUserName'] = $txtUserName;
		session_register(sesUserName);
		$_SESSION['sesStaffID'] = $myrow["ID"];
		session_register(sesStaffID);
		$_SESSION['sesUserType'] = "staff";
		session_register(sesUserType);
		// NOTE(review): the message embeds the raw user name; how $ActionResults is
		// rendered is not visible here -- make sure it is HTML-escaped on output.
		array_push($ActionResults, "$txtUserName you have successfully logged in as an administrator.");
	}else{

		// Customer lookup. Also selects two helper timestamps: Expires
		// (RegistrationDate + 30 days) and Today (server time), both as Unix time,
		// plus the joined validity and currency-profile columns.
		// NOTE(review): same unescaped interpolation and PASSWORD() use as the staff
		// query above; the same fixes apply.
		$strSQL = 	"SELECT tblCustomer.*
						, UNIX_TIMESTAMP(DATE_ADD(RegistrationDate, INTERVAL 30 DAY)) AS Expires
						, UNIX_TIMESTAMP(now()) 	AS Today
						, tblUserValidity.UserValidity
						, tblCurrencyProfile.ID		AS CurrencyProfileID		
						, tblCurrencyProfile.Currency
					FROM tblCustomer
					LEFT JOIN tblUserValidity 
						ON tblCustomer.ValidFor = tblUserValidity.ID
					LEFT JOIN tblCurrencyProfile
						ON tblCustomer.CurrencyProfile = tblCurrencyProfile.ID 
					WHERE Email = '$txtUserName' 
					AND Password = Password('$txtPassword')";
		
		// Presumably re-runs the query helper with the new $strSQL and replaces $myrow -- verify.
		include (MODULE . "/action/actMySqlResults");	
	
		// No row (or an empty Email): generic failure message, back to the login screen.
		if (!$myrow["Email"]){ 
			array_push($ActionResults, "Wrong username/password, please try again.");
			$SCREEN = "scrLogin";
		}else{
			// Trade shops restrict how long a customer login stays valid; every
			// other shop type accepts the login unconditionally.
			if($SHOP_TYPE == "Trade")
			{
				/*
				 * ValidFor value -> validity, as recorded by the original author
				 * (presumably tblUserValidity.ID -> days; TODO confirm):
				 *  1  	*Permanent
				 *	2 	1
				 *  3 	7
				 *  4 	30
				 *  5 	0
				 */
				// NOTE(review): the $myrow[...] keys below are bare words (undefined
				// constants). Old PHP falls back to the string of the same name;
				// PHP 8 raises an Error. They should be quoted.
				switch ($myrow[ValidFor]){
					// 5: never valid.
					case 5:
						$boValid = false;
						break;
						
					// 1: permanently valid.
					case 1:
						$boValid = true;
						break;
						
					// Any other value: valid only while Today has not passed Expires.
					// If UserValidity is empty, $boValid keeps its initial false.
					default:
						//echo "<br/>Expires ".$myrow[Expires];
						if($myrow[UserValidity])
						{
							// NOTE(review): $datExpires is computed but never read in this
							// file. The comparison below uses Expires, which the query
							// fixes at RegistrationDate + 30 days whatever UserValidity
							// says -- confirm that is the intended rule.
							$datExpires = $myrow[Registered] + $myrow[UserValidity];
							//echo "<br/>today ".$myrow[Today];
							if($myrow[Today] <= $myrow[Expires])
								$boValid = true;
						}
				}

			}
			else
			{
				$boValid = true;
			}
			
			if($boValid)
			{
				//echo "valid ".$myrow[CurrencyProfileID];
				// Customers on a currency profile with ID above 1 get their currency
				// stored (lower-cased) and are routed to the currency forward screen.
				if($myrow[CurrencyProfileID] > 1){
					$_SESSION['sesCurrency'] = strToLower($myrow[Currency]);
					session_register(sesCurrency);
					$SCREEN = "CurrencyProfileForward";
				}
				
				// Customer session variables; sesClientID and sesCustID both receive
				// the same tblCustomer ID.
				// NOTE(review): as in the staff branch, no session ID regeneration is
				// visible, and session_register() with bare-word arguments is
				// deprecated / removed in later PHP versions.
				$_SESSION['sesUserName'] = $txtUserName;
				session_register(sesUserName);
				$_SESSION['sesClientID'] = $myrow["ID"];
				session_register(sesClientID);
				$_SESSION['sesUserType'] = "customer";
				session_register(sesUserType);
				$_SESSION['sesCustID'] = $myrow["ID"];
				session_register(sesCustID);
				// Presumably records the login date for this customer -- the included
				// file is not visible here.
				include (MODULE . "/action/qryAddCustomerLoginDate");
				// NOTE(review): raw user name in the message; escape when rendering.
				array_push($ActionResults, "$txtUserName you have successfully logged in.");
			}else{
				// Credentials matched but the validity window has lapsed; no session
				// variables are set.
				array_push($ActionResults, "$txtUserName your login has expired.");
			}
		}
	
	}
	

?>